Cybersecurity

With no end in sight to the ever-increasing cybersecurity challenges, the federal government must move quickly and deliberately to adopt an architecture to protect against all outside threats. This means building on existing strengths and bolstering cybersecurity strategies.

The small business sector must seize the day and immediately begin taking the steps necessary to implement tools for cyber resilience and cyber readiness. Scaling cybersecurity services, education and training are crucial to national security.

Regarding the cyber warfare landscape for 2021, the most critical group to secure is the small and midsize business sector (SMBs), particularly following the pandemic. When working with tech-specific organizations and the military, process management and a sense of purpose can overcome inertia and apathy until a financial loss appears.

Led by the Air Combat Command, the U.S. Air Force is pursuing zero-trust architecture on a level not seen before. One of the service’s first main use cases applies the cybersecurity measure to the agile combat employment (ACE). ACE operations provide a more lean, agile and lethal force that can generate airpower from multiple locations. ACE requires a different kind of command and control (C2) environment, as well as advanced planning concepts and logistical supply line support.

3rd Place in The Cyber Edge 2021 Writing Contest

A military-age male left home and traveled through the city, unaware he was being surveilled. Those watching him knew his patterns and preferences. They collected his point of departure, route and destination to predict when he would be most vulnerable for attack. Arriving at a marketplace, he meandered through a few high-traffic areas. Passing down a quiet corridor, he finally provided a clear shot. His smartphone buzzed and its screen flashed: “Two-for-one sale at the nearby pretzel shop!” He was struck by a precision-guided advertisement.

Bowhead Cybersecurity Solutions and Services, Springfield, Virginia is awarded a $92,308,000 cost-plus fixed-fee and cost-only contract for senior consultation support services. Work will be performed in the Washington, D.C. area and is expected to be completed by June 2026. Fiscal 2021 operation and maintenance (Navy) funding in the amount of $2,500,000 will be obligated at the time of award. There are no options for this contract award. This funding would have expired at the end of the current fiscal year if this award had not been made. This contract was a directed in accordance with Section 8(a) of the Small Business Act (15 USC 637(a)(1)) and the Federal Acquisition Regulation part 19.8.

Recent cyber attacks against critical infrastructure such as the attack on Colonial Pipeline Co. has put cybersecurity in the spotlight.

But combating cyber adversaries is a broad area requiring significant amounts of human intelligence and a deep technical expertise to identify them, Gene Yoo, CEO of Resecurity Inc., told SIGNAL Magazine Editor-in-Chief Robert K. Ackerman during a SIGNAL Media Executive Video interview.

Adversaries come in different types, he added, noting that these range from part-time hacktivists to skilled professionals working for criminal organizations or state intelligence agencies.

In an effort to increase critical infrastructure cybersecurity and better protect federal networks, President Joseph Biden signed an executive order on May 12. It includes provisions to improve information sharing between industry and the U.S. government, overhaul federal cybersecurity standards, spur the further use of cloud computing and zero trust architecture, and mandate the use of multifactor authentication and encryption. Amongst other measures, the executive order establishes a Cybersecurity Safety Review Board that would dissect a significant cyber incident and make recommendations for action.

The recent wave of high-profile cyber attacks on federal government agencies and the businesses that support them has gotten organizations thinking about security. A key part of any organization’s security strategy is access management—determining who can access certain kinds of information and resources and when and/or where they can do so.

But determining where to start can often be delayed by indecision due to over-analysis and caution, explains Ross Johnson, director of federal sales for Thycotic Software Ltd. The first and most important thing an organization can do is to make the decision to take inventory of all their data assets.

The revolutionary advantages offered by defense use of 5G technology could be undone if the United States doesn’t begin now to meet and overcome a set of challenges, said an expert from the National Security Agency (NSA). These challenges range from developing effective security measures to ensuring the supply chain is not contaminated by parts made by foreign adversaries.

The nature of military permanent change of station assignments can create gaps in the U.S. Defense Department’s protected posture to cyber assets. The current approach allows valuable institutional knowledge literally to walk out the door, often being replaced with inadequately prepared personnel walking in. This practice runs contrary to the Pentagon’s stated strategic goals that aim at building and maintaining a skilled workforce rather than solely acquiring new tools.

The entire nation must engage in an informed debate about cybersecurity and how to stop the damage being inflicted by adversaries through cyberspace, says the director of intelligence for the U.S. Cyber Command. Brig. Gen. Matteo Martemucci, USAF, J-2 for the U.S. Cyber Command, says this debate must explore whether the roles played in cyber defense stay the way they are or change.

Companies preparing for Cybersecurity Maturity Model Certification (CMMC) should beware of firms that are promising to get them certified, said a government official. Stacy Bostjanick, director of CMMC, Office of the Under Secretary of Defense (A&S), stated that any firms claiming to be able to do that are not capable of that function yet.

The greatest threat the United States faces is through cyber attacks on economic targets, and the worst adversary in this realm is China, according to the director of intelligence for the U.S. Cyber Command. Brig. Gen. Matteo Martemucci, USAF, J-2 for the Cyber Command, declared that China’s pilferage of intellectual property represents a major strike against the United States as part of the Middle Kingdom’s plan for global domination.

The Federal Bureau of Investigation (FBI) has a unique role as a federal law enforcement agency as well as a national security department. Its vast information technology enterprise must support its functionality in carrying out these roles, which have different rules of engagement. And when adding new tools, processes or software, the bureau has to consider solutions carefully. With zero trust architecture—a method that combines user authentication, authorization and monitoring; visibility and analytics; automation and orchestration; end user device activity; applications and workload; network and other infrastructure measures; and data tenants to provide more advanced cybersecurity—gaining use in the U.S.

The future enterprise will be edge-centric, cloud enabled and data driven, said Bill Burnham, CTO, U.S. Public Sector Business Unit, Hewlett Packard Enterprise.

He shared his ideas during an AFCEA online event titled “The Edge Is Where the Action Is!”

It is no secret that the U.S. government is grappling with cybersecurity issues across its organizations and agencies. The good news is that the government has an auditing agency that investigates possible weaknesses or cybersecurity gaps and makes key recommendations to rectify problems: the U.S. Government Accountability Office, known as GAO.

Experts have issued fresh warnings to U.S. citizens over the enormous amount of sensitive, personal information being routinely captured and commoditized, and that this same information is being weaponized by the country’s adversaries. A panel at the recent AFCEA TechNet Cyber conference highlighted that data gathering by Facebook, WhatsApp and Google presents a significant risk to both individuals and the nation.

The Defense Department’s new cybersecurity maturity model certification (CMMC) coincidentally took effect on the first day of TechNet Cyber, AFCEA’s virtual event being held December 1-3. Leading officials with the Defense Department, the Defense Information Systems Agency (DISA) and industry discussed what its implementation will mean to the defense industrial base (DIB) and the community as a whole.

U.S. data protection and its relationship to national interests are swiftly evolving. One reason this trend will continue, cybersecurity specialists say, is that other nations see cyberspace differently than the United States and other democracies. Rather than incorporating technology into their societies as a tool, they use cybersecurity—both offensively and defensively—to support their different views and overall significantly challenge U.S. interests.

Automation software tools are being under-utilized, especially in the U.S. Defense Department. While the department has purchased and used automated scanning tools for security and compliance, it has been slow to adopt automation for many other tasks that would benefit from the capability, such as easing software deployment and standardization and, once developed, increasing the speed of overall automation.

Many agencies today lack a way to effectively and securely govern access across multicloud environments. Though the use of multiple cloud platforms such as AWS, Azure and Google give agencies the freedom to match the requirements of each use case to the unique strengths of each cloud platform, it also leaves businesses vulnerable to the risks and costs of noncompliance, cyber attacks and human error.

Lack of governance can also stifle productivity and growth—if users can’t get the access they need when they need it, work doesn’t get done. Managing who has access to what and with which privileges is a major challenge in the cloud due to rapid change and its large scale.

The two-factor authentication schema is often heralded as the silver bullet to safeguard online accounts and the way forward to relegate authentication attacks to the history books. However, news reports of a phishing attack targeting authentication data, defeating the benefits of the protection method, have weakened confidence in the approach. Furthermore, hackers have targeted account recovery systems to reset account settings, yet again mitigating its effectiveness. Facilitating additional layers of security is crucial to bolstering user account protection and privacy today and into the future.

COVID-19 has done more than increase hand-washing and mask-wearing. It has meant an entirely new way of communicating and collaborating. Those on the front lines say some of these changes are here to stay and will last much longer than the pandemic simply because they are more efficient ways to do business.

The COVID-19 pandemic brings with it a new set of cyber vulnerabilities built around lifestyle changes throughout society, and these vulnerabilities cry out for new means of cyber resiliency. “It’s quite possible that historians will remember COVID-19 as one of the very important civilizational turning points,” says Alexander Kott, chief scientist of the Army Research Laboratory and Army ST for cyber resilience. “COVID-19 is acting as a forcing function. It forces us to accelerate the transition to a more virtual society than we were before, and it is accelerating the trend that was occurring before COVID-19 but was happening more slowly and less noticeably.”